
15 matches found

NVD
added 3 days ago, 4 views

CVE-2026-11379

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3 CVSS, 0.00188 EPSS
Exploits 0, References 2
EUVD
added 3 days ago, 4 views

EUVD-2026-39170

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3 CVSS, 5.8 AI score, 0.00188 EPSS
Exploits 0, References 2
Cvelist
added 3 days ago, 29 views

CVE-2026-11379 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...

5.3 CVSS, 0.00188 EPSS
Exploits 0, References 2
CVE
added 3 days ago, 78 views

CVE-2026-11379

GitLab Security Advisory CVE-2026-11379 affects GitLab EE. The issue is an incorrect authorization flaw in DAST site profile management that could allow a user with the Developer role to exfiltrate DAST site profile secrets under certain conditions. Affected versions include all GitLab EE release...

5.3 CVSS, 5.8 AI score, 0.00188 EPSS
Exploits 0, References 2, Affected Software 1
EUVD
added 2026/04/04 3:30 p.m., 5 views

EUVD-2018-21756

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

6.9 CVSS, 6.1 AI score, 0.003 EPSS
Exploits 1, References 5
NVD
added 2026/04/04 2:16 p.m., 5 views

CVE-2018-25252

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

6.9 CVSS, 0.003 EPSS
Exploits 1, References 4
CVE
added 2026/04/04 1:51 p.m., 19 views

CVE-2018-25252

The CVE-2018-25252 entry concerns FTP Voyager 16.2.0, where a denial-of-service condition arises from a buffer overflow caused by injecting oversized data into the site profile IP field. Attackers can craft a site profile containing about 500 bytes of repeated characters and paste it into the IP ...

6.9 CVSS, 6.1 AI score, 0.003 EPSS
Exploits 1, References 4, Affected Software 1
ATTACKERKB
added 2026/04/04 1:51 p.m., 3 views

CVE-2018-25252

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

6.9 CVSS, 6.1 AI score, 0.003 EPSS
Exploits 1, References 4, Affected Software 1
Cvelist
added 2026/04/04 1:51 p.m., 20 views

CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

6.9 CVSS, 0.003 EPSS
Exploits 1, References 4
Positive Technologies
added 2026/04/04 12:0 a.m., 8 views

PT-2026-30372

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

6.9 CVSS, 6.1 AI score, 0.003 EPSS
Exploits 1, References 5
EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2022-51696

Malicious code in bioql PyPI...

5 CVSS, 4.8 AI score, 0.00393 EPSS
Exploits 0, References 2
Imperva Blog
added 2023/05/01 6:45 p.m., 25 views

Imperva Continues to Innovate With New Features for Online Fraud Prevention

Last year, Imperva embarked on a mission to help organizations combat the growing threat of digital fraud. We introduced a new solution and a range of innovative features to help detect and prevent online fraud at its earliest stages. Imperva Online Fraud Prevention stops fraud ranging from...

6.7 AI score
Exploits 0
NVD
added 2006/09/23 1:7 a.m., 22 views

CVE-2006-4949

Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory profile_pages.module before 1.1.2.1 and the Drupal 4.7 Site Profile Directory profile_pages.module before 1.2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "lack o...

4.3 CVSS, 5.8 AI score, 0.01128 EPSS
Exploits 0, References 5
CVE
added 2006/09/23 1:0 a.m., 63 views

CVE-2006-4949

Drupal 4.6 Site Profile Directory (profile_pages.module) before 1.1.2.1 and Drupal 4.7 Site Profile Directory (profile_pages.module) before 1.2.2.1 contain an XSS vulnerability caused by lack of output validation, potentially in the name and title parameters. Remote attackers could inject arbitra...

4.3 CVSS, 6 AI score, 0.01128 EPSS
Exploits 0, References 5, Affected Software 1
Cvelist
added 2006/09/23 1:0 a.m., 23 views

CVE-2006-4949

Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory profile_pages.module before 1.1.2.1 and the Drupal 4.7 Site Profile Directory profile_pages.module before 1.2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "lack o...

5.8 AI score, 0.01128 EPSS
Exploits 0, References 5